<img src="https://certify.alexametrics.com/atrk.gif?account=b2hlr1ah9W20em" style="display:none" height="1" width="1" alt="">

Data breach reports at record high

data security

According to a report by Computer Weekly, the Information Commissioner's Office (ICO) has dealt with more data breach reports and issued more fines in the past year than ever before.

This is a big improvement from two years ago, when a report, also by Computer Weekly revealed that an estimated 92% of data breaches go unreported to the ICO.

A half of all information security breaches are due to human error, more often than not, by people not understanding the policy.

With tougher penalties of up to €20m or 4% of  global annual turnover on the way as a result of the GDPR, there has never been a bigger incentive to get data security right.

Follow these top tips to improve data security and reporting:
  1. Familiarise yourself with your company's IT, information security, privacy and confidentiality rules and related policies - You can't fully protect yourself and your firm if you don't know what to do
  2. Be clear about your responsibilities - Know what data you are responsible for, what you are allowed to do with it and what you aren't
  3. Take extra care when taking data offsite - Only do this if it is absolutely essential; make sure that any data is encrypted or password-protected; and ensure that it's returned or deleted after use
  4. Only use secure networks to access or transfer your firm's data - Accessing your company's network via a public WiFi hotspot in a cafe will make you more vulnerable
  5. Only share information on a 'need to know' basis - Avoid forwarding data to groups of people data securityand take care typing email addresses to avoid sending data to the wrong recipient
  6. Understand and check document classifications (eg - Private, Confidential, Public, etc) and privileges - Even people in the same department or function may have different access rights so check who is entitled to what and how documents are classified before sharing them
  7. Follow the password rules - Use strong passwords and change them regularly; avoid sharing your password with anyone else as your password may give others access to restricted information
  8. Only use work devices to access information related to your firm - Avoid forwarding data to your personal email or smartphone
  9. If you're not sure how to protect your firm's data, ask - You can get more advice and support from the IT department or your manager
  10. Never conceal data losses or breaches - If you make a mistake, tell your manager or IT department immediately so your firm can act quickly to limit their losses

Leave a comment

Tick

eBook: Essential Uncovered

Skillcast Essentials is our best-selling library and there's a reason for that. Essentials library provides comprehensive coverage of the key compliance / conduct issues that companies in the UK face today.

Download now

How to Manage the Compliance Personas in Your Company

Rory has no time for rules, especially the pointless ones that add a lot of work for no apparent benefit. When he encounters such rules, his first thought is to find a work-around. Andy doesn't mind ...

Read More
FCA Compliance News - November 2018

An overview of the most recent and upcoming changes to FCA guidelines for senior managers...   Regulatory Update The last six weeks have been a very busy time for the UK regulators, with both the ...

Read More
Compliance Essentials News - November 2018

This blog is dedicated to bringing you the news that touches the people dimension of regulatory compliance. It's not only about regulations, policies, procedures and systems. It's also about people, ...

Read More
Getting personal: five ways to engage staff with compliance training

It's an on-going struggle for most companies to engage their staff with compliance training. There's a constant stream of new regulations and tweaks to existing ones. And many of these require ...

Read More